Be careful: AV-killing worm spreads via Facebook chat and IM clients

A place to talk about relax topics, such as tailwaggers and jokes unrelated to our products, politics and religion. Please keep it clean.

Be careful: AV-killing worm spreads via Facebook chat and IM clients

Postby vita » 2012-08-31 3:31


A rather industrious piece of malware that - among other things - paves the way for other malware by disabling AV solutions and software update modules has been spotted spreading via several Instant Messaging applications (ICQ, Skype, GTalk, Pidgin, MSN, YIM) and Facebook:

3.jpg


The victims receive a message from an unknown user, offering a link to a funny or interesting video. If they follow it, the malware in question downloads automatically from the linked site and is executed.

The worm is capable to do many unwelcome things on the victims's computer:
It can bypass any existing firewall by marking itself as an allowed program
It drops copies of itself into a number of folders and hides them
It creates a run entry that will make it start every time a machine reboots
It searches the computer for AV solutions, Windows and Yahoo Update modules, then tries to disable them
It changes IE's start page and modifies Firefox' and Chrome's preference file
It receives commands from a remote attacker, which instructs it to enumerate instant messenger windows in the victim’s machine and post the message that promises an interesting video in order to spread itself further, or posts the same message in a Facebook chat after having sent a chat request on Facebook’s chat window.
But, as McAfee researchers point out, the worm is easy to remove.

"We kill the running instances of this process using Process Explorer or Task Manager," they shared. "The start-up entry made by the malware must be cleared as well to avoid its reloading after rebooting."

Users can protect themselves from this and other threats by not following links posted by unknown online "friends" or known contacts without checking whether they meant to do so or were the unsuspecting victims of this or similar malware.

news source: http://www.net-security.org/malware_news.php?id=2249
User avatar
vita
Advanced Member

Advanced Member
 
Posts: 155
Joined: 2012-02-01 3:06

Re: Be careful: AV-killing worm spreads via Facebook chat and IM clients

Postby canova » 2012-08-31 3:40

Finally, they find new way to spread virus. Just take care.
User avatar
canova
Regular Member

Regular Member
 
Posts: 61
Joined: 2012-05-18 4:39


Return to General Chat

Random Threads
ThreadThread StarterViews
Beware of fake Facebook account cancellation emailsvita2783
Increased Digital Sales Drive Presstek to Record Revenue: Summary of Second Quarter 2006 Earnings CallMichaelaberm0
Do you use UAC?vita10744
Air Jordan Shoes-nike2015shoes.comeavessellpatr0
findingdory full moviet7melat0

Who is online

Users browsing this forum: No registered users